摘要 |
In an embodiment, a method comprises implementing a memory event interface to a hypercall interface of a hypervisor or virtual machine operating system to intercept page faults for writing pages of memory that contain a computer program; receiving a page fault resulting from a guest domain attempting to write a page that is marked as not executable in a memory page permissions system; determining a first set of memory page permissions for the page that are maintained by the hypervisor or virtual machine operating system; determining a second set of memory page permissions that are maintained independent of the hypervisor or virtual machine operating system; determining a particular memory page permission for the page based on the first set and the second set; processing the page fault based on the particular memory page permission, including performing at least one security function associated with regulating access to the page. |